Overview

overview

7

Static

static

7

1647e74f8a...18.exe

windows7-x64

7

1647e74f8a...18.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    05/10/2024, 05:07

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    1647e74f8a3277826ef5974d999a17ac_JaffaCakes118.exe

  • Size

    140KB

  • MD5

    1647e74f8a3277826ef5974d999a17ac

  • SHA1

    2b96d684f6a86f431226aba81c1c5bbad45f8fb8

  • SHA256

    bfc08a9cd81081ac2518e795bc3b86420a25958b52c5085ab6ba31dab8fed1c4

  • SHA512

    afe88d5746dee8cbaffe8fcf5c61b0f86190ab33a00d2b43771867a439f002384e4e3bcbf68d0c47c18771366768afa37048a41a0786fd33dfdcd469bf0ae40c

  • SSDEEP

    3072:s6r5Ifw06tL0AQzXFDmh0r0IWJsaOMGzw+Ua:s6ufwTtLLaFDw01aHGzw+U

Score
7/10
aspackv2discoverypersistence

Malware Config

Signatures

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

    aspackv2
  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 2 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 39 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1647e74f8a3277826ef5974d999a17ac_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\1647e74f8a3277826ef5974d999a17ac_JaffaCakes118.exe"
    1⤵
    • Adds Run key to start application
    • System Location Discovery: System Language Discovery
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2112
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.youtube.com/watch?v=gOO_UqzEc5Y
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2392
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2392 CREDAT:275457 /prefetch:2
        3⤵
        • System Location Discovery: System Language Discovery
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2248

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          914B

          MD5

          e4a68ac854ac5242460afd72481b2a44

          SHA1

          df3c24f9bfd666761b268073fe06d1cc8d4f82a4

          SHA256

          cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f

          SHA512

          5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          1KB

          MD5

          a266bb7dcc38a562631361bbf61dd11b

          SHA1

          3b1efd3a66ea28b16697394703a72ca340a05bd5

          SHA256

          df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e

          SHA512

          0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC
          Filesize

          252B

          MD5

          c2fc574be7f8b238e1d73c258fc992de

          SHA1

          8f8ff204873cfce92dd28e0e0f63dc0748a7b8fe

          SHA256

          99d6ee740acc405b469b65d93693cf3aca712e20bd1f4a4dbdc81a817a3026f0

          SHA512

          637a39da82b6eaa3a4956d01326254ed10ace75f3a95112078bfe931869c9335402a185e597e7cc0f5166ce21919fa63c6e1df71166668890cf94f57c541fe72

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          473e5c0617818e366317011854c66f1b

          SHA1

          e50f08ff5422b532f0132b708c566dd236833ef4

          SHA256

          d5c908ecedfbbe6ba0856a07a46dafcfa9164cc06eee1e8f4ec26861636d10fa

          SHA512

          9e8fa6cb95081d9d23776ff62edf551b3e9e5b3cf57d977451db6e914361f38f00443fbc967fbd4517b9f8ce10a785dadbfa7954543c771aa53148e44641d06f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6af71716ca318b0fee3577849d1f94fa

          SHA1

          e8099d1e7f6ecf886ac65e9b07b1d87cf78357a0

          SHA256

          43e4270d66f347e7e6efe7ea8fc579f4e612fa80a744ecb4160e24a5ef6c163e

          SHA512

          312f574efce920627d2498580b06b359f7f16c01097e5a8e7effedb5fc40f3931c59507d2e261489e06d16cf8b4f7662f2618aeb684a1a6ccf85848b6e9c5825

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          73ec3c2bacdd588093f9c518c2e2cb7a

          SHA1

          e935c1733a3f5fb6a3558e53f937bb7dffc14720

          SHA256

          acd95d40432b8ffe6badb5add46251b2ce7bb9da7f0ec28ca6724836cc1bba20

          SHA512

          26b862b5a570428f661b63947b4957b58b58c0a80fd313776d1d5ae5c5150dc8af14b86a2e119c5bae05ede9d280c9b75b3bcb07dc68eafe0e7390aac1cb4b27

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5c77231674452c10a9f0f6cb37596188

          SHA1

          84e7b173f3b0aa49dd1ad604ae42996431085db9

          SHA256

          c73f9654ab3f3dd410b2280dfc25cace6b7a63aeb9e14456adb8a8b4269ae7c6

          SHA512

          b51de36304888f2eeb3edfc146676cef7319a468740d99259c70e2c8a37559a4f15b10f3a7c5065251116239c24d41a95a4aa48063141f8c974b9756230c4f24

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          09490ee3b81ede07e3cf83c6ab2193bf

          SHA1

          fd18e3ff478ddc7cacca6361833682d39096c0cd

          SHA256

          0b5aee668dbc60de7820b6b621620eb85c838501bfa767677b39a5aa478eb93c

          SHA512

          e51f4cbfdfb0599a119e6e1d2b82cedfcf8ea4a91c90811e92d71c2aceac616187174d53f8cf3de1c642f37c8621de05260f6bf5df63c436715cdb795fa5e3af

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d6726195e1803bf274c358e15e107900

          SHA1

          fcc8b540e4166ea06ffe18d6d591d5e0ef7dc738

          SHA256

          2e632671404573e1780a6624739bf9fcf139e6bf0dcbc10c2c7921af4253c4bd

          SHA512

          38c149d473ef55ddc928cf247b1f438fb0b7fe715045e2c174ec7d06fcdc84e966db7c8568d3d970360a6e0621646d32dab1aae0fbd2a758221122026d432b51

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          fb4ecb26593bd3c88d74235d4fc40818

          SHA1

          92cad620b324cc8aeb3d64563bb892f637d4ca43

          SHA256

          4bbcfce1e67c88c63aa905797a7c9144737fb98c4c5762f3310d2c8cbaaa3da4

          SHA512

          f397122b1fbb498933921036a46a9f12faa6d0ca728e1c1e69ce668dfd3908fba4221bbdfde66652ac9d5b99a60d358b9454a58cee994cb406c9c2da0bc836b1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          e05e1ae5e09b865a187446e06dd933de

          SHA1

          2ddebc73872bda461eab366835f662bad99d13ef

          SHA256

          1b6f981429dc2be0c84205e350520a1021208eb98d621777392af0626fce8470

          SHA512

          3376eb34c05aff67c4143d53faf4c10ce7d5df8b20c5bdf12c959270f9f6aac353e332348c5fdd7497de584a04c6abd5b70dfca92460a21b9a856ce84c8b41c5

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7220b827aac770e7ea2095e2631e3be4

          SHA1

          9b69f25f3cb917ba300827843fbbd0e621e59b7d

          SHA256

          e4a4d30d2a3ca413700fd281892664e9fe85ecfbbecb13602bdea9eb25421d0e

          SHA512

          6e415264c72c13a2c39181d689a737ad329d1c78a7a914207ca1afae878780b96f90400539275a39f268f3602a4a4f21a5ac8d9e1a66022401e511a29e457e34

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          39a7a4146b7ec282f0a247538f4a870b

          SHA1

          287702fdaf56eae1ff855991294f9a25d8a2a38a

          SHA256

          a40d36dfb631ed17241d4fd7618d2a291d613773aa85917ac30fc6c4f467f3cf

          SHA512

          8eaee2ad73052f242e550b378fc0fb6ed343b3afe1fb41e73fc606abb88efe78443692348d0b0209da46524498512dbbd391723ae40701c630be750ea25ba9e2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          bf3c860618e4ed22ed703afb17fd3d9f

          SHA1

          b62a44846df92bdc66a1dcb140310d7c2cd8bcd8

          SHA256

          5c94fd4a266c0ebcfa2a444178957c415a04e297901b0dcf821a80e6c2088e98

          SHA512

          4a6bbd75e808b656824a5e3e8aeb32d4058f6cb513634ca7f88bd9fc585e5b704bed0837026c89030f485174dfd9bd5cfe8ad337e48bc69f4ecc03e8a72e69ff

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          3eadd2b91204c5730e741552ece44db8

          SHA1

          8a36af443782d46b147f9667554fd8add6638b56

          SHA256

          51c0439aa5d2a4d2c91d7567eb59cd473766865a86f2f2f100b773eeaf33ea36

          SHA512

          61c23a68cb718f7b512c6e8a699ade4bc93e2c5bbbcfa016347eeb391d49b0235b039aa87b65bbfb29e8ba504bb128cd7ff1f74e394b0ed0af60ac53dbc46f75

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          342e2d8ff34875d038e30c2874f7fd11

          SHA1

          9231a6a00fc0b5d7d07b5eda04734c0225c0800d

          SHA256

          6d42f51cc52a33e4f6606120ecd3f06637d58aa3c669f5364185196dedcea7b7

          SHA512

          a5213d43d2ea7a0d57237042ec021b94adefcc7124046c430a8ebdaf0a5abca2fe79b0891c3ece1bf79d811e6cf6344e55d7f69a0470dac853838fbd791fed99

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          754f581956ba1d650627dff222f06701

          SHA1

          21e8f7d112cc3d1c963a07dd5c3950475606ee10

          SHA256

          110260ff0a59647ea404d3189e56a288f007220044cd2c136d4dc61bcdccfc03

          SHA512

          a007a7afef24a37264fc5116f94d0f34410b588e5633d829b5ffe981ddfc2ebad0b08872e81b40aeff86e01b12201fd0158e68059f3091ef770d2c1a3fc905bc

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8be59f35ba103d7f154894a198d8b6c2

          SHA1

          58846d8a25f9204b763dcfe87cb391b49f74582a

          SHA256

          849791fe4aac7f2f390e5cbce92a6ce54cb7cc97bd2a0da12f28e7861f0a2bdf

          SHA512

          5cb76338ebd2d3b8eeb248a451dc5f687f821991b8ef368060a5699155b157a50383d283a8025c6c681cf392f18f4d52d939ec6f865fa916d3221f78fba2a376

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7323b37d5e09ca7348958709fe8e1e53

          SHA1

          16c61fb7f33a2ea221c85f826fa0e62e68c3438c

          SHA256

          5a4fa05f0d46478e51d3e58c3ea8bf2cd063f222f1be454fbbf334411acaf9ae

          SHA512

          66f6ed2191db56b2692fe12b98d6b825fe83b7464d40a50a0ca13a99a779da1c94ec46e72d76e9dcc66d7286b842c5672c4c77fe01ef563012224f8d534822fb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5b46937c9dff457c131993adbebc4fa2

          SHA1

          534217a6f35883c68a6b264c33565473cec7fb4d

          SHA256

          2048a0c4c7d7fbbfe0afe8a7ee7b92b6dd16bbbb2a032d13285071a17762ccc1

          SHA512

          8885ebff130ec63fd6f0aaf4692a713d6ef6b6e6f37281b7d2fa4076eb3c6b009af4922704e05b0628ed728b282064538342c3b5e4284aa034e853e76f3d7ad9

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          99691f5c0e16d0bf39155d35cc3e98d1

          SHA1

          5fb729268f80c690bf1688077667734ec97360b2

          SHA256

          f049961add5edf4afd266ab04bd04670d857cd72b0b7b077c6cd810d4477d63a

          SHA512

          26df47ca2a6886de181d168b8566cf980e223c6e44276fcefd9a1760cfa7011ab8e5559e4d3c8458fac410727b409e17f1c1e3157261fbb96ba17932bba28279

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2e105fe3e324cbac543ea29bd9d2d446

          SHA1

          39510b45fa2bb22cbffffc7a11c2c944dd65656b

          SHA256

          d03bdf5134782974b096b694d15cb34de4370b49c42ab9cbc543a4b70f6b146c

          SHA512

          56187b292bd27f96db4a03dffe643b1325859a1462160a1b370b654ffd2c6224617873936cf36da8778f588fa5f5b17a09b407e7f9755a9c218a44083147afe0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357
          Filesize

          242B

          MD5

          73c2f5bec04d0423deba733dbac6efa2

          SHA1

          64e47ee3d1ad269694f633dd990742b1f88ccae0

          SHA256

          b564ccd4a72f756de2b5fd02913d9ff0fc40c5cd979d2d9d35047eed32f6f2a4

          SHA512

          3d07cbced5ddbc142dee9cef45dfa1d946142e88321b5ed2bf49aa7fb723192c142d08a7536ff857595e69b9c95d25de8269d045235127d2c0e66d19bf4ba94c

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\njqq61f\imagestore.dat
          Filesize

          1KB

          MD5

          df8234bc5bfe404e24f520fae70a799f

          SHA1

          f022e823a396eeb049a27512eb6d95927939b3d8

          SHA256

          f99f7d9696ddd57be407a79bdc8355f367e99bc3d92796b58c04bcd48de14c10

          SHA512

          cd872d9a2815eda834cb5b6330d88974c8cab65313c0fccb214f3741c2b0ae253ed951af2239d1323470c9f8f4728b5aea4fa18d8cb44203bb742737afe842fb

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7CNUR30T\favicon[1].ico
          Filesize

          1KB

          MD5

          f2a495d85735b9a0ac65deb19c129985

          SHA1

          f2e22853e5da3e1017d5e1e319eeefe4f622e8c8

          SHA256

          8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d

          SHA512

          6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab61B.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar61C.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • memory/2112-0-0x0000000000400000-0x0000000000487000-memory.dmp

          Filesize

          540KB

          Download

        • memory/2112-6-0x0000000000400000-0x0000000000487000-memory.dmp

          Filesize

          540KB

          Download

        • memory/2112-7-0x0000000000270000-0x00000000002B6000-memory.dmp

          Filesize

          280KB

          Download

        • memory/2112-3-0x0000000000400000-0x0000000000487000-memory.dmp

          Filesize

          540KB

          Download

        • memory/2112-2-0x0000000000270000-0x00000000002B6000-memory.dmp

          Filesize

          280KB

          Download